Network access control (NAC), also called network admission control, enhances or enables the security of a proprietary network (e.g., a Software-as-a-Service (SaaS) proprietary network server) by restricting the availability of network resources to endpoint user devices that comply with a defined security policy. In some cases, an NAC server performs authentication and authorization functions for the user devices of potential subscribers by verifying login information, e.g., username and password, when the user devices attempt to log in to the proprietary network, e.g., through the Internet. In addition, the NAC server may restrict the data that each particular user or user device can access and may implement anti-threat applications such as firewalls, antivirus software, and spyware-detection programs. The NAC server may also regulate and restrict the actions that individual subscribers can perform within the proprietary network once they are logged in.
NAC is commonly used by corporations, agencies, and other entities that require the user environment to be rigidly controlled. However, security issues still arise with respect to NAC systems in proprietary networks that have large numbers of users and many different, frequently changing devices that may be used to access the proprietary network. An example is a proprietary network for a large university with multiple departments, numerous access points, and thousands of users with various backgrounds and objectives.